Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S262273AbTIZOWA (ORCPT ); Fri, 26 Sep 2003 10:22:00 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S262275AbTIZOWA (ORCPT ); Fri, 26 Sep 2003 10:22:00 -0400 Received: from www.wotug.org ([194.106.52.201]:32318 "EHLO ivimey.org") by vger.kernel.org with ESMTP id S262273AbTIZOV6 (ORCPT ); Fri, 26 Sep 2003 10:21:58 -0400 Date: Fri, 26 Sep 2003 15:21:56 +0100 (BST) From: Ruth Ivimey-Cook X-X-Sender: ruthc@gatemaster.ivimey.org To: Maciej Zenczykowski cc: Ingo Molnar , Linux Kernel Mailing List Subject: Re: Syscall security In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Spam-Score: 0.1 (/) Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org On Fri, 26 Sep 2003, Maciej Zenczykowski wrote: >> if this syscall activity is so low then it might be much more flexible to >> control the binary via ptrace and reject all but the desired syscalls. >> This will cause a context switch but if it's stdio only then it's not a >> big issue. Plus this would work on any existing Linux kernel. > >Unfortunately sometimes the data transfer through stdio can be counted in >hundreds of MB (or even in extreme cases a couple of GB), plus it is Would running the process under user-mode linux help any? (I'm not sure) Ruth -- Ruth Ivimey-Cook Software engineer and technical writer. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/